Law enforcement authorities in China have arrested eleven hackers suspected of developing the Fireball malware, which infected 250 million computers worldwide. Among the infected devices, 20 percent belonged to large corporate networks in various countries.
Fireball malware was discovered two months ago by researchers at Proofpoint, who noted that its mission is to infect computers in an attempt to generate revenue through forced browser advertising. So far, the hackers have earned 80 million yuan ($11.84 million) with their malware campaign, reports Beijing Youth Daily.
At the time of discovery, researchers found that 25.3 million devices in India and 5.5 million devices in the US were infected with Fireball malware.
“Specifically, 25.3 million infections in India (10.1%), 24.1 million in Brazil (9.6%), 16.1 million in Mexico (6.4%), and 13.1 million in Indonesia (5.2%). The United States has witnessed 5.5 million infections (2.2%).”
How the hackers were arrested
Fireball malware was being spread by a legitimate Chinese software company, Rafotech. However, its scam campaign was exposed by a local Chinese security researcher, after which police began their investigations.
According to the state-run news website Xinhua, the researcher analyzed how the malware worked and how its transmission methods functioned. Proofpoint’s research helped him identify that Fireball carries the same malicious code that he found in Rafotech’s freeware.